Automated testing 1.2.34 (#801)

* Automated testing 1.2.34

Signed-off-by: Dmytro Oboznyi <dmytro.oboznyi@syncier.com>

* Changed automation status in test

Signed-off-by: Dmytro Oboznyi <dmytro.oboznyi@syncier.com>

* Changed one more test

Signed-off-by: Dmytro Oboznyi <dmytro.oboznyi@syncier.com>

* Changed Automated to manual

Signed-off-by: Dmytro Oboznyi <dmytro.oboznyi@syncier.com>

cfg/cis-1.6/master.yaml

@@ -819,8 +819,15 @@ groups:
 
       - id: 1.2.34
         text: "Ensure that encryption providers are appropriately configured (Manual)"
-        audit: "/bin/ps -ef | grep $apiserverbin | grep -v grep"
-        type: "manual"
+        audit: |
+          ENCRYPTION_PROVIDER_CONFIG=$(ps -ef | grep $apiserverbin | grep -- --encryption-provider-config | sed 's%.*encryption-provider-config[= ]\([^ ]*\).*%\1%')
+          if test -e $ENCRYPTION_PROVIDER_CONFIG; then grep -A1 'providers:' $ENCRYPTION_PROVIDER_CONFIG | tail -n1 | grep -o "[A-Za-z]*" | sed 's/^/provider=/'; fi
+        tests:
+          test_items:
+            - flag: "provider"
+              compare:
+                op: valid_elements
+                value: "aescbc,kms,secretbox"
         remediation: |
           Follow the Kubernetes documentation and configure a EncryptionConfig file.
           In this file, choose aescbc, kms or secretbox as the encryption provider.